For years, Apple has provided multiple methods to protect the data on a Mac: separate user accounts, passwords, passkeys with Face or Touch ID, and file encryption via FileVault. Plus, it includes an optional low-level security measure that prevents starting up from storage devices other than the selected startup disk.
This last option is known as the firmware password or Extensible Firmware Interface (EFI) lock and was used on all computers before 2023 when Apple finished shifting from Intel processors to silicon chips. The password isn’t necessary with the newer Apple silicon as the firmware functionality that it restricted is now found in macOS Recovery, which requires user authentication (when FileVault is enabled).
EFI blocks users’ ability to use all startup key combinations except the NVRAM or PRAM reset combinations. However, the command ‘Option + Cmd + P + R’ can initiate these older machines from macOS Recovery instead.
The Lost Mode feature of Find My Mac will remotely lock the computer with a firmware password for one-time use. The user’s Mac receives the lock instruction from iCloud, restarts, and asks for the system lock PIN code that was previously set up. After entering this, the Mac launches from the designated startup disk and disables the passcode.
A firmware password is not the same as an administrator or login password. It’s a separate password that appears immediately after booting up and must be entered into the system’s lock screen.
Low-level passwords are quite secure, meaning it’s almost impossible to do anything if you can’t remember your password. If you have forgotten the firmware password or passcode, know that Apple doesn’t allow any workarounds.
Instead, it recommends you schedule a service appointment at an Apple Store or Apple Authorized Service Provider. The process requires the original receipt or invoice as proof of purchase, although since this process only applies to older machines, finding this after so many years may be easier said than done.
Early macOS versions required manual installation of the firmware, but in 2015, Apple began bundling EFI updates with macOS updates to deliver security patches to all users. However, as security firm Duo Labs discovered in late 2017, some Macs didn’t get the correct firmware, making those without security software in place vulnerable to hackers.
Apple recommends checking the firmware version and updating it if needed. You can do this by launching a software update via System Settings.
On Intel-based Macs shipped before 2011, the firmware password was stored in the PRAM and read by the system EFI firmware before other PRAM variables. That led to a severe security issue, allowing the firmware to be revealed in a native macOS app and weakening the enhanced security Apple had hoped to introduce with the addition of the firmware password.
In 2011, however, Apple added an important change to the system: the EFI password was moved to a separate programmable controller from Atmel. This component contains lockable flash memory to store the password. It requires special programming with identifier numbers for the Mac’s motherboard and the Atmel chip to access and reset it.
Since the controller is an independent component, the only way to bypass it is to remove it from the motherboard manually, but this requires highly precise reflow soldering tools and techniques.
This firmware hardware hack works on all Intel MacBooks (even MacBook Pro and Air) and requires users to remove and reinstall the RAM. You can check our guide on how to remove the RAM on MacBooks for further reading.
Shut down your computer and remove the battery.
Locate your RAM, remove one of the RAM modules, and put it aside.
Put the battery back in and boot your computer while holding the Cmd + Option + P + R keys to reset the parameter RAM.
Restart your Mac while holding down the Cmd + R keys to enter Recovery Mode.
When the Utilities screen appears, go to the menu and select ‘Firmware Password Utility.’
Turn off the firmware password.
If none of the above methods have worked, you can have Apple do it for you as long as you have the original receipt or invoice. Alternatively, you can buy a Mac EFI lock bypass hardware kit or even download one of the many Mac firmware password unlock tools. If you use one of these you will void your warranty, so think carefully about whether you want to risk the procedure.
Best Reviews may receive compensation for its content through paid collaborations and/or affiliate links. Learn more about how we sustain our work and review products.
©2012-2024 Best Reviews, a clovio brand –
All rights
reserved
Privacy
policy
·
Cookie
policy
·
Terms
of use
·
Partnerships
· Contact
us
I locked myself out of my 2015 iMac it has a firmware lock on it. Is there anyway I can reset it without having to pay somebody to do it for me? I’ve told Apple that I’ve owned the computer since I bought it in 2015 I do not have the receipt I’ve called the bank. I’ve looked for the receipt but there’s no luck. I know Apple can go in to the computer and see when it was active and the first day that it was online and see that everything in there is in my name I just need help. Can someone please help
Hi Kevin, we’re sorry to hear you’re locked out of your Mac. Even though you no longer have the receipt, Apple might be able to assist you if you can provide some proof of ownership, such as:
– Serial Number: Find the iMac’s serial number. You can typically find this on the bottom of the stand or in the system info if you’re able to boot the iMac up to that stage.
– Apple ID: If the iMac was originally associated with your Apple ID, this might help establish proof of ownership.
– Original Purchase Information: If you purchased the device through any specific retailer, they may have a record of your purchase, especially if you have a bank or card statement showing the transaction.
If you have no luck with this, it’s then worth trying local third-party authorized repair services. Some authorized service providers can help remove a firmware lock once you’ve proven ownership. These providers can sometimes offer a less expensive solution compared to Apple directly.
Good luck!
My MacBook Air 2010 got stolen from my hotel room from who I thought was a friend so I put my Mac in lost mode and put a 4 digit pin.. unfortunately for me, I have so many pins and passwords that I have to remember I couldn’t remember what I set the lost mode pin to. Now for the past 2 weeks I’ve been desperately trying to regain access to use my Mac with no success!
I am fairly positive the phone I used to put it in lost mode is the same phone I stupidly threw at a wall out of sadness and anger. I’m just curious if I can’t successfully regain access thru any of my devices (I Mac, my new iPhone, and regular laptop) is it because it needs to be removed from lost mode on the device used to lock it?
Hi Shauna, and thank you for your comment! We’re happy to hear you could get your MacBook Air back. Fortunately, there’s a way to bypass the PIN if you’ve forgotten it. All you have to do is to use an iRemove tool. Have a nice day!
I’ve heard this trick only works with Core2Duo and earlier Macs.
Hi RusselCofIdaho, and thanks for your comment!
You’re making a good point there, but we wouldn’t say the method doesn’t work. Still, it’s indeed riskier since RAM is typically soldered to the motherboard in newer machines. Because of this, we recommend using EFI firmware password removal software, also known as an iRemove tool. Have a nice day!
On mac minis and imac using the RAM removal technique, do you meed to remove the PRAM battery? (Silver button battery)
Hello Kaygeebonds, and thank you for your comment.
It shouldn’t be necessary to remove the PRAM battery, as you can reset it quite easily without touching the hardware. You can learn how to do this by reading our PRAM reset guide. Good luck bypassing the EFI lock for your Mac Mini and iMac!
My MacBook pro can’t quit macos utility. And I forgot my firmware password. Is there another way I can fix this.
I live in the Solomon islands.